oidc-provider/lib/actions/authorization/check_id_token_hint.js

OAuth 2.0 Authorization Server implementation for Node.js with OpenID Connect

import { InvalidRequest, OIDCProviderError } from '../../helpers/errors.js';

/*
 * Validates the incoming id_token_hint
 */
export default async function checkIdTokenHint(ctx, next) {
  const { oidc } = ctx;
  if (oidc.params.id_token_hint !== undefined) {
    let idTokenHint;
    try {
      idTokenHint = await oidc.provider.IdToken.validate(oidc.params.id_token_hint, oidc.client);
    } catch (err) {
      if (err instanceof OIDCProviderError) {
        throw err;
      }

      throw new InvalidRequest('could not validate id_token_hint', undefined, err.message);
    }
    ctx.oidc.entity('IdTokenHint', idTokenHint);
  }

  return next();
}